After reviewing this week’s modules, the essential difference between a threat and an attack is if the threat has been exploited. A threat, in summary, is a potential weak point that an individual could take advantage of with nefarious intentions. An attack is the literal occurrence of exploitation occurring. I conceptualized this difference in means of someone threatening another with bodily harm and someone acting on that threat and physically assaulting the individual that was threatened. Exploits relate to vulnerabilities as a tool or means of maneuvering a vulnerability. A vulnerability, for instance, could be inferior software or poor password enforcement policies that do not limit password login attempts. In correlation, an exploit would be malicious Python code to break or dismantle the software or a brute force attack to eventually crack a password and authenticate to the network.
There are acceptable reasons to study and use the attack methods described within boundaries and full transparency of the parties involved. The instructor was a world-renowned Penetration tester when studying for the Certified Ethical Hacker exam. He stated that he would meet with the company hiring him to hack into their network and review what would be permitted and what wouldn’t be and how much prior knowledge of the network he would be given (Blackbox/Whitebox). He mentioned that companies regularly requested that he not perform social engineering attacks on employees. After the staged attack, he would review logs and findings with clients and go over any false positives or negatives as well as remedies for these exploited vulnerabilities. His team was proficient in Python scripting and Linux to gain root permissions and even eventually authenticate to Cisco routers, effectively shutting down resources and attacking the company’s availability.
V/R
Daniel